Adriano,
I can not speak for "the average pkcs#11 library" -- our single specific C++
implementation does base on PC/SC.
In an operating system that allows the user to switch between different
applications at will, it is hard to assure that you will not have concurrent
access to the smart card, or at least tightly interleaving accesses.
But even if you do not worry about concurrency, the PKCS#11 implementation that
you use might internally be very tricky and not just store one key as one file.
For example, think about what happens if your smart card session is disrupted
(because for example the user pulled the card), while you were just in the
middle of overwriting a file, and now the file is partly old and partly new.
The PKCS#11 implementation that you use could prevent this kind of damage by
having the file in question kept in an old plus a new version, at least for a
while, and keeping track of which one is the current. Or take compression of
data. If your other application would try to do all this by hand and in the
same way like the PKCS#11 implementation, it will be complicated, hard to
maintain when the PKCS#11 library changes internally, and the chances of errors
are high. In my oppinion, all those standard considerations of software
engineering would suggest that it is not a good idea to duplicate function that
is internal and highly specific to the PKCS#11 library. Consider this my last
word on this topic here. Call me if you want to continue the discussion :-)
Frank Seliger
IBM Pervasive Computing Division
Schoenaicher Str. 220, 71032 Boeblingen, Germany
[EMAIL PROTECTED] Tel.
+49-7031-16-3142
---
> Visit the OpenCard web site at http://www.opencard.org/ for more
> information on OpenCard---binaries, source code, documents.
> This list is being archived at http://www.opencard.org/archive/opencard/
! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
! to
! [EMAIL PROTECTED]
! containing the word
! unsubscribe
! in the body.
